Despite advances in malware protection, endpoints get infected every day, even those running some form of antivirus or other defense that the threat is able to circumvent.

In our recent roundup of anti-virus programs, we discovered several new techniques being employed by anti-virus companies to make PCs safer against advanced threats. Even so, many anti-virus companies we talked with acknowledged that their software can’t catch everything, especially within those commonly exploited areas that are tricky to defend.

But what if something could? There are companies employing hypervisors, virtualization containers and sandboxing at endpoints to keep malware away from files and off the network. These programs specifically protect those very areas that most antivirus has trouble with, sealing a hole that malware had used for years to infect even secure endpoints.